Google Drive is NOT an ECM Solution (Part One)
Sometimes when I am speaking with an organization about Laserfiche, they pose this question:
“Why should I pay for ECM when Google Drive is free?”
There are many reasons, which I will discuss over a few blog posts, but the one you should be most familiar with is security. If you keep your organization-critical records in your Google Drive, you’ll be opening yourself up to significant security risks. And that’s not all. Here are some considerable security disadvantages of using Google Drive.
Probably the most significant disadvantage to using Google Drive is that it can be easily hacked and that hackers can steal your data or hold it for ransom. Google Drive is a favorite target of hackers because of how widely used it is, and you can be sure they are on a constant lookout for more opportunities to tamper. This is in the news all the time. And companies of all sizes, too! Hackers get past your firewall and install malicious hardware in your server, then POOF! Your information assets are gone! Your password(s) can be hacked, or if you share a link, it could be sent to an untrustworthy party. This is a significant risk, especially with your most sensitive documents like financial statements or client information. If a malicious third party accesses them, it could cause tremendous harm to your business. Google may still be developing its drive. It is a decent storage tool but lacks hacker protection tools.
Another issue is shadow repositories and document versioning. When organizations use Google Drive, IT administration and business owners are unaware of perhaps multiple or unauthorized product installations and cannot control the devices that can sync with corporate shares. With information replicated on countless computers and personal devices, the administration loses control over the information, and the risk of data theft, abuse, or even fraud drastically increases.
Google’s encryption capabilities are somewhat lacking. Google Drive uses 256-bit SSL/TLS encryption for files in transit and 128-bit AES keys for files at rest. Data in motion is data most at risk, but that does not mean it automatically becomes safe once it stops moving. If Google Drive is the fenced-in backyard pool in the lovely neighborhood, Laserfiche is the lockbox inside the safe inside the vault inside the house.
Laserfiche offers multiple options insofar as encryption goes because it can leverage the native encryption offered in Microsoft SQL Server or for virtualized environments and make use of Virtual Disk Encryption in VMware so that all data, including backups, are protected in case of theft or loss.
Laserfiche offers a highly secure environment, especially when teamed with restorVault as a part of our Trusted System product. The State of California defines Trusted System as “a combination of techniques, policies, and procedures for which there is no plausible scenario in which a document retrieved from or reproduced by the system could differ substantially from the document that is originally stored.” In short, not only are your records secure, but by using a Trusted System, you are ensured of having the correct, unchanged, legal version of the record. While we initially saw Trusted Systems implemented by agencies, now we’re seeing them in highly regulated industries like manufacturing, transportation, financial, and healthcare. As more industries and organizations develop standards and best practices, they’ll find themselves needing the functionality of a proper ECM like Laserfiche.
Have I convinced you? Stay tuned for my blog post on compliance.